Apparatus and method for authentication components of a public network are disclosed. A master compares an actual HMAC with an expected HMAC, determines that component fails authentication when the actual HMAC does not match the expected HMAC and causes at least one operation to be inhibited when component fails authentication for a preset number of times while the component is connected to the public network. The actual HMAC is determined by the component. The expected HMAC and actual HMAC are independently determined using the same process and using a key. The same key is stored, in advance, in both the master and the component and not transmitted. The master generates a random number and sends the same to the component. The expected HMAC and actual HMAC are determined using the random number input into a one-way hash function.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. An apparatus comprising: a storage storing a key associated with a vehicle device; a processor configured to: generate a random number; send the random number to the vehicle device via a vehicle communication network; receive an actual hash message authentication code (HMAC) from the vehicle device via the vehicle communication network, where the vehicle device determines the actual HMAC using a HMAC algorithm on an input and the key stored in a storage of the vehicle device, the input being determined by the vehicle device using a hash function on the random number; determine an expected hash message authentication code (HMAC) for the vehicle device using the HMAC algorithm on an input and the key stored in the storage, the input being determined by the apparatus using the hash function on the random number; compare the actual HMAC with the expected HMAC; determine that the vehicle device fails authentication when the actual HMAC does not match the expected HMAC; and cause at least one vehicle operation to be inhibited when the vehicle device fails authentication for a preset number of times while the vehicle device is connected to the vehicle communication network, wherein causing at least one vehicle operation to inhibited comprises controlling certain vehicle operations upon authentication based on input received from interfaces.
This invention relates to a vehicle authentication system that verifies the legitimacy of a vehicle device by using cryptographic techniques to prevent unauthorized access or control. The system includes a storage that holds a cryptographic key associated with a vehicle device and a processor that performs authentication checks. The processor generates a random number and sends it to the vehicle device over a vehicle communication network. The vehicle device computes an actual HMAC (Hash Message Authentication Code) by applying a hash function to the random number and then using the HMAC algorithm with its stored key. The apparatus similarly computes an expected HMAC using the same random number, hash function, and its stored key. If the actual and expected HMACs do not match, the vehicle device fails authentication. If authentication fails a preset number of times while the device is connected to the network, the system inhibits certain vehicle operations, such as disabling access to vehicle controls or features based on input from user interfaces. This ensures that only authorized devices can interact with the vehicle, enhancing security against tampering or unauthorized access.
2. The apparatus according to claim 1 , wherein the processor is further configured to: set a timer when the random number is sent to the vehicle device, the timer being set to a time where the apparatus must receive the actual HMAC.
This invention relates to a secure communication system for vehicle devices, addressing the challenge of verifying the authenticity and integrity of messages exchanged between a central apparatus and a vehicle device. The system uses cryptographic techniques, specifically a Hash-based Message Authentication Code (HMAC), to ensure that messages are not tampered with during transmission. The apparatus includes a processor that generates a random number and sends it to the vehicle device, which then computes an HMAC using a shared secret key and the random number. The vehicle device returns this HMAC to the apparatus for verification. To prevent replay attacks or delays in communication, the apparatus sets a timer when sending the random number, requiring the vehicle device to respond with the actual HMAC within a specified time. If the HMAC is not received within this timeframe, the apparatus may reject the communication or take other security measures. This mechanism ensures that the communication is both timely and secure, mitigating risks such as unauthorized access or message manipulation. The system is particularly useful in automotive applications where secure and reliable communication is critical for safety and operational integrity.
3. The apparatus according to claim 2 , wherein the processor is further configured to determine that the vehicle device fails authentication when the actual HMAC is not received within the time set on the timer.
This invention relates to vehicle authentication systems, specifically addressing the challenge of securely verifying the identity of a vehicle device to prevent unauthorized access or tampering. The system includes a processor configured to generate a challenge message and transmit it to a vehicle device, which then computes a hash-based message authentication code (HMAC) using a shared secret key. The vehicle device returns this HMAC to the processor, which verifies its authenticity by comparing it to an expected HMAC. To enhance security, the processor sets a timer for receiving the HMAC response. If the actual HMAC is not received within the allotted time, the processor determines that the vehicle device has failed authentication, indicating a potential security breach or malfunction. This mechanism ensures that only legitimate devices with the correct cryptographic key and timely response can authenticate successfully, mitigating risks from delayed or spoofed responses. The system may also include additional components, such as a communication interface for transmitting the challenge and receiving the HMAC, and a memory for storing the shared secret key and timer settings. The invention improves vehicle security by enforcing strict time constraints on authentication responses, reducing vulnerabilities to replay attacks and unauthorized access.
4. The apparatus according to claim 1 , wherein the vehicle device is an energy storage system, the energy storage system comprising energy cells, a processor and contactors, wherein when the vehicle device fails authentication for the preset number of times, the processor is configured to transmit a command to the processor in the energy storage system to maintain the contactors open isolating the energy cells from a DC voltage bus.
This invention relates to vehicle energy storage systems and addresses the problem of unauthorized access or tampering with critical vehicle components. The system includes an energy storage apparatus with energy cells, a processor, and contactors that control electrical connections. The processor is configured to authenticate access requests to the energy storage system. If authentication fails a preset number of times, the processor sends a command to maintain the contactors in an open state, thereby isolating the energy cells from the vehicle's DC voltage bus. This prevents unauthorized access to the energy storage system and protects against potential electrical hazards or system damage. The system ensures that repeated failed authentication attempts result in a secure, isolated state, enhancing vehicle safety and security. The energy storage system may be part of a larger vehicle system, where the processor coordinates with other vehicle components to enforce security protocols. The invention focuses on preventing unauthorized access to energy storage systems in vehicles, particularly in scenarios where repeated authentication failures occur.
5. The apparatus according to claim 1 , wherein the storage stores a plurality of keys associated with a plurality of vehicle devices, respectively, and wherein the processor is configured to authenticate each of the plurality of vehicle devices.
This invention relates to a vehicle authentication system designed to securely manage and authenticate multiple vehicle devices. The system addresses the challenge of ensuring secure communication and access control in modern vehicles, which often integrate numerous electronic devices such as infotainment systems, telematics units, and advanced driver-assistance systems (ADAS). These devices require secure authentication to prevent unauthorized access and ensure data integrity. The system includes a storage component that holds a plurality of cryptographic keys, each uniquely associated with a different vehicle device. A processor is configured to authenticate each of these devices by verifying their respective keys. This ensures that only authorized devices can communicate with the vehicle's central control system, reducing the risk of cyberattacks or unauthorized modifications. The authentication process may involve cryptographic protocols such as digital signatures or challenge-response mechanisms to validate device identities. By centralizing key management and authentication, the system simplifies security administration and reduces the complexity of securing individual vehicle devices. This approach is particularly useful in connected vehicles, where multiple devices must interact securely while maintaining operational efficiency. The system enhances overall vehicle security by preventing unauthorized access to critical functions and protecting sensitive data transmitted between devices.
6. The apparatus according to claim 5 , wherein the plurality of vehicle devices includes a propulsion control system and an accessory power supply.
This invention relates to an apparatus for managing vehicle systems, particularly focusing on integrating multiple vehicle devices to improve operational efficiency and safety. The apparatus addresses the challenge of coordinating various vehicle subsystems, such as propulsion and power supply, to ensure optimal performance while minimizing energy consumption and system conflicts. The apparatus includes a plurality of vehicle devices, which are interconnected to enable coordinated control and monitoring. Specifically, the apparatus incorporates a propulsion control system to regulate the vehicle's movement and an accessory power supply to manage auxiliary electrical loads. The propulsion control system adjusts propulsion parameters, such as speed and torque, based on real-time conditions, while the accessory power supply ensures stable power distribution to onboard accessories without compromising primary propulsion functions. By integrating these systems, the apparatus enhances overall vehicle efficiency by optimizing power allocation and reducing unnecessary energy usage. The coordinated control also improves safety by preventing system conflicts and ensuring reliable operation under varying conditions. This approach is particularly useful in electric or hybrid vehicles, where efficient energy management is critical. The apparatus may also include additional vehicle devices, such as braking systems or thermal management units, to further expand its functionality. The invention provides a scalable solution for modern vehicles, enabling seamless integration of diverse subsystems for improved performance and reliability.
7. The apparatus according to claim 1 , wherein the processor is configured to authenticate the vehicle device when the actual HMAC matches the expected HMAC and control vehicle operations based on signals received from interfaces.
A system for secure vehicle device authentication and control involves a processor that verifies the authenticity of a vehicle device by comparing an actual HMAC (Hash-based Message Authentication Code) with an expected HMAC. If the HMACs match, the processor authenticates the device and proceeds to manage vehicle operations based on signals received from various interfaces. The system ensures that only authorized devices can interact with the vehicle, preventing unauthorized access or control. The processor may also handle communication with external systems, such as cloud servers or user devices, to further validate commands or retrieve necessary authentication data. The interfaces could include wireless communication modules, user input devices, or onboard vehicle sensors, allowing the system to respond dynamically to different operational scenarios. This approach enhances vehicle security by ensuring that all interactions with the vehicle are authenticated and authorized before any control actions are executed. The system may also log authentication attempts and operational commands for auditing and security monitoring purposes.
8. The apparatus according to claim 1 , wherein the processor is further configured to count a number of times authentication has failed and compare the counted number of times with the preset number of times, and when the counted number of times is less the preset number of times, the processor is configured to generate a new random number and send the new random number to the vehicle device via the vehicle communication network, the expected HMAC is determined using the new random number and the key stored in the storage.
This invention relates to vehicle authentication systems, specifically improving security in vehicle communication networks by dynamically generating and validating authentication challenges. The problem addressed is the risk of unauthorized access due to repeated authentication attempts, which can be exploited in replay attacks or brute-force methods. The system includes a processor that monitors authentication attempts between a vehicle device and a central authentication server. The processor counts the number of failed authentication attempts and compares this count to a preset threshold. If the count is below the threshold, the processor generates a new random number and sends it to the vehicle device over the vehicle communication network. The vehicle device then uses this random number and a stored cryptographic key to compute an expected HMAC (Hash-based Message Authentication Code). This dynamic challenge-response mechanism ensures that each authentication attempt uses a unique random number, making it difficult for attackers to predict or reuse valid authentication tokens. The system enhances security by preventing replay attacks and reducing the likelihood of successful brute-force attempts, even if an attacker intercepts previous authentication attempts. The invention is particularly useful in automotive systems where secure communication between vehicle components and external servers is critical.
9. A method for authenticating onboard processors over a vehicle communication network, comprising: generating a random number from a master; sending the random number from the master unit to at least one vehicle device; receiving an actual hash message authentication code (HMAC) from the at least one vehicle device via the vehicle communication network, where each of the at least one vehicle device determines the actual HMAC using a HMAC algorithm on an input and a key stored in the respective vehicle device, the input being determined by each of the at least one vehicle device using a hash function on the random number; processing at the master an expected hash message authentication code (HMAC) for each of the at least one vehicle device using the HMAC algorithm on an input and a stored key associated with each of the at least one vehicle device, respectively, the input being determined for each of the at least one vehicle device using the hash function on the random number, respectively, where a different key is stored in association with each of the at least one vehicle device; comparing the actual HMAC to the expected HMAC in the master for each of the at least one vehicle device; authenticating the at least one vehicle device if the actual HMAC matches the expected HMAC, and failing authentication if the actual HMAC does not match the expected HMAC; controlling certain vehicle operations upon authentication based on input received from interfaces; and causing at least one vehicle operation to be inhibited upon failing authentication for a preset number of times while the vehicle device is connected to the vehicle communication network.
This invention relates to a method for authenticating onboard processors in a vehicle communication network. The method addresses security concerns in vehicle systems by verifying the authenticity of onboard devices to prevent unauthorized access or tampering. A master unit generates a random number and sends it to one or more vehicle devices. Each device computes an actual HMAC by applying a hash function to the random number and then using an HMAC algorithm with a stored key. The master unit independently computes an expected HMAC for each device using the same random number, hash function, and a unique key associated with each device. The master compares the actual and expected HMACs. If they match, the device is authenticated, and certain vehicle operations can be controlled based on user input. If authentication fails a preset number of times, the system inhibits vehicle operations to prevent unauthorized access. This method ensures secure communication and operation of vehicle devices by verifying their authenticity before allowing access to critical functions.
10. The method of claim 9 , wherein the preset number of times is 1.
A system and method for optimizing data processing in a computing environment involves managing the execution of tasks to improve efficiency and resource utilization. The method addresses the challenge of redundant or unnecessary task repetitions, which can waste computational resources and delay processing. The invention ensures that tasks are executed only when necessary, preventing excessive or redundant operations. The method includes a step of determining whether a task should be executed based on predefined criteria, such as system state, resource availability, or task priority. If the criteria are met, the task is executed once, and no further repetitions are allowed. This ensures that tasks are processed efficiently without unnecessary re-execution. The system may also include a monitoring component to track task execution and enforce the single-execution rule, preventing any deviations from the preset limit. The invention is particularly useful in environments where task repetition could lead to inefficiencies, such as in real-time data processing, automated workflows, or distributed computing systems. By enforcing a strict limit on task repetitions, the method reduces computational overhead and improves overall system performance. The system may be implemented in software, hardware, or a combination of both, depending on the specific application requirements.
11. The method of claim 9 , wherein the master is a system control unit of a hybrid electric vehicle or an electric vehicle.
A system and method for managing power distribution in hybrid or electric vehicles involves a master control unit that coordinates energy flow between multiple power sources, such as a battery, an engine, and an electric motor. The master control unit monitors the state of each power source, including voltage, current, and temperature, to determine optimal power distribution. It dynamically adjusts power allocation to ensure efficient operation, prevent overloading, and extend the lifespan of the power sources. The system also includes a communication interface that allows the master control unit to exchange data with other vehicle systems, such as the powertrain and energy management systems, to optimize overall vehicle performance. The master control unit may prioritize power delivery to critical systems during high-demand situations, such as acceleration or regenerative braking, while maintaining stable power supply to non-critical systems. The method ensures reliable and efficient energy management in hybrid or electric vehicles, improving fuel economy and reducing emissions.
12. The method of claim 9 , wherein the at least one vehicle operation is an operation associated with a vehicle device that failed authentication for the preset number of times.
A system and method for managing vehicle operations based on authentication failures involves monitoring authentication attempts for vehicle devices, such as infotainment systems, keyless entry systems, or engine control modules. If a vehicle device fails authentication for a preset number of times, the system restricts or modifies one or more vehicle operations associated with that device. For example, if a keyless entry system fails authentication repeatedly, the system may disable remote locking/unlocking or limit access to certain vehicle functions. The method includes detecting authentication attempts, tracking failure counts, and applying predefined operational restrictions when the failure threshold is exceeded. This approach enhances vehicle security by preventing unauthorized access or misuse of vehicle systems after repeated failed authentication attempts. The system may also log these events for diagnostic or security analysis. The method ensures that vehicle operations remain secure while maintaining functionality for authorized users.
13. The method of claim 9 , wherein a different random number is generated and sent to different vehicle devices when there are more than one vehicle device.
This invention relates to a system for securely distributing random numbers to multiple vehicle devices. The problem addressed is ensuring secure and unique random number generation for each vehicle device in a network, preventing synchronization or predictability that could compromise security. The method involves generating a unique random number for each vehicle device when multiple devices are present, ensuring no two devices receive the same number. This prevents potential attacks where an attacker could predict or replicate the random number used for authentication or encryption. The system likely involves a central server or coordinator that generates and distributes these numbers, ensuring each vehicle device receives a distinct value. The method may be part of a larger vehicle communication or security protocol, where random numbers are used for session keys, authentication tokens, or other cryptographic operations. The invention ensures that even if one vehicle device is compromised, the random numbers assigned to other devices remain secure and unpredictable. This enhances the overall security of the vehicle network by preventing coordinated attacks or replay attacks that rely on shared or predictable random values. The system may also include error handling to ensure that if a device fails to receive a random number, the process is retried or an alternative number is generated. The invention is particularly useful in connected vehicle environments where secure communication between vehicles and infrastructure is critical.
14. The method of claim 9 , wherein the hash function is SHA3-256.
A method for secure data processing involves generating a cryptographic hash of input data to ensure data integrity and authenticity. The method includes selecting a hash function, such as SHA3-256, to compute a fixed-size hash value from variable-length input data. SHA3-256 is a member of the SHA-3 family of cryptographic hash functions, known for its resistance to collision and preimage attacks, making it suitable for applications requiring high security. The input data is processed through the hash function to produce a unique hash value, which can be used for verification, digital signatures, or data integrity checks. The method may also include comparing the generated hash value with a stored or expected hash value to detect tampering or corruption. This approach ensures that any alteration in the input data will result in a different hash value, providing a reliable mechanism for data validation. The use of SHA3-256 enhances security by leveraging its robust cryptographic properties, including resistance to known hash function vulnerabilities. This method is applicable in various domains, including cybersecurity, blockchain, and data storage systems, where secure and verifiable data processing is essential.
15. The method of claim 14 , wherein the actual HMAC is truncated or padded to a 64 bit size.
A method for processing cryptographic data involves generating a hash-based message authentication code (HMAC) to verify the integrity and authenticity of transmitted data. The HMAC is computed using a cryptographic hash function and a secret key, ensuring that only authorized parties can verify the data. In this method, the generated HMAC is adjusted to a fixed size of 64 bits by either truncating or padding the original HMAC value. Truncation involves reducing the HMAC to 64 bits by discarding excess bits, while padding involves adding bits to extend the HMAC to 64 bits if it is shorter. This size adjustment ensures compatibility with systems that require a standardized HMAC length, simplifying data transmission and processing. The method may be applied in secure communication protocols, digital signatures, or authentication systems where consistent HMAC sizing is necessary for interoperability. The approach balances security and efficiency by maintaining the integrity of the HMAC while adapting to fixed-length requirements.
16. The method of claim 9 , wherein the random number is generated by a pseudorandom number generator (PRNG) or a cryptographically secure random number generator (CSRNG).
A method for generating random numbers in cryptographic or security-sensitive applications involves using either a pseudorandom number generator (PRNG) or a cryptographically secure random number generator (CSRNG). The method addresses the need for reliable, unpredictable randomness in systems where security is critical, such as encryption, authentication, or key generation. PRNGs produce sequences that appear random but are deterministic and seeded, making them suitable for general-purpose applications where cryptographic security is not required. CSRNGs, on the other hand, provide true randomness or cryptographically strong pseudorandomness, ensuring resistance to prediction or manipulation by adversaries. The choice between PRNG and CSRNG depends on the security requirements of the application. The method ensures that the generated random numbers meet the necessary standards for unpredictability and resistance to attacks, enhancing the overall security of the system. This approach is particularly useful in environments where randomness is essential for maintaining confidentiality, integrity, or authenticity.
17. The method of claim 9 , further comprising setting at least one timer when the random number is sent to each of the at least one vehicle device, respectively, the at least one timer being set to a time where the master must receive the actual HMAC from each respective at least one vehicle device.
This invention relates to secure communication in vehicle networks, specifically addressing the challenge of verifying the authenticity of messages exchanged between a master device and vehicle devices using cryptographic techniques. The method involves generating a random number by the master device and sending it to at least one vehicle device. Each vehicle device then computes a cryptographic hash-based message authentication code (HMAC) using the random number and a shared secret key. The HMAC is sent back to the master device for verification. To ensure timely responses, the master device sets at least one timer for each vehicle device, with each timer configured to expire at a specific time by which the master must receive the HMAC from the respective vehicle device. This mechanism enforces synchronization and prevents delays or unauthorized access. The method may also include additional steps such as validating the HMAC, updating the shared secret key, and handling failed verifications. The invention enhances security in vehicle communication systems by ensuring that only authorized devices can participate in the authentication process within a defined timeframe.
18. The method of claim 17 , wherein the time is different for different vehicle devices.
A system and method for managing vehicle device operations involves coordinating the activation or deactivation of multiple vehicle devices based on a shared time reference. The system includes a central controller that synchronizes the timing of operations across different vehicle devices, ensuring that each device performs its function at the correct time relative to the others. This synchronization is critical for maintaining system efficiency, safety, and performance, particularly in environments where precise timing is required, such as in autonomous driving or vehicle diagnostics. The method involves determining a specific time for each vehicle device to perform an operation, such as activating or deactivating a component. The time may vary depending on the device, allowing for customized timing sequences tailored to the needs of each device. For example, one device may need to activate earlier than another to ensure proper system operation. The central controller monitors and adjusts the timing as needed, ensuring that all devices operate in harmony. This approach prevents conflicts between devices, reduces power consumption, and enhances overall system reliability. By dynamically adjusting the timing for each device, the system can adapt to changing conditions, such as varying environmental factors or operational demands. The method is particularly useful in complex vehicle systems where multiple devices must work together seamlessly.
19. The method of claim 17 , wherein the master determines that authentication fails for a vehicle device when the time expires without the receipt of the actual HMAC from the vehicle device.
This invention relates to vehicle authentication systems, specifically methods for securely verifying the identity of a vehicle device using cryptographic techniques. The problem addressed is ensuring secure and reliable authentication of vehicle devices in communication systems, particularly when time-sensitive responses are required. The method involves a master device initiating an authentication process with a vehicle device by sending a challenge message. The vehicle device generates a cryptographic hash-based message authentication code (HMAC) using a shared secret key and the challenge message. The vehicle device must respond with this HMAC within a predefined time window. If the master device does not receive the HMAC from the vehicle device before the time expires, the authentication process is deemed to have failed, indicating a potential security breach or communication issue. This ensures that only authorized devices with the correct cryptographic key can authenticate successfully within the required timeframe, enhancing security in vehicle communication networks. The method may also include additional steps such as generating the challenge message, validating the HMAC, and determining the expiration time based on network conditions or security policies.
20. The method of claim 9 further comprising: counting a number of times authentication has failed for each of the at least one vehicle device; and comparing the counted number of times with the preset number of times, when the counted number of times is less the preset number of times, authentication process is repeated with a new random number.
This invention relates to vehicle device authentication systems designed to enhance security by monitoring and responding to repeated authentication failures. The system addresses the problem of unauthorized access attempts to vehicle devices, such as infotainment systems, telematics units, or other connected components, by implementing a countermeasure mechanism that tracks failed authentication attempts and dynamically adjusts the authentication process. The method involves a vehicle device that requires authentication to access its functions. During the authentication process, the system counts the number of times authentication has failed for each vehicle device. This count is then compared to a preset threshold value. If the number of failures is below the threshold, the system repeats the authentication process using a new random number to prevent brute-force attacks. This approach ensures that repeated failed attempts do not lead to unauthorized access while maintaining usability for legitimate users. The system may also include additional security measures, such as locking the device or alerting the user after exceeding the preset failure threshold. The invention improves security by dynamically responding to suspicious activity without requiring manual intervention.
21. The method of claim 9 , wherein the at least one vehicle operation comprises high voltage, high current, high power, navigation, range and duration.
This invention relates to a method for monitoring and managing vehicle operations, particularly for electric or hybrid vehicles, to optimize performance, safety, and efficiency. The method involves tracking and analyzing multiple critical vehicle parameters, including high voltage, high current, and high power levels, which are essential for assessing battery health, charging efficiency, and power distribution in electric vehicles. Additionally, the method monitors navigation data to optimize route planning, range estimation, and energy consumption based on real-time conditions. Duration monitoring ensures that vehicle components operate within safe operational limits, preventing overheating or excessive wear. The system integrates these parameters to provide comprehensive diagnostics, predictive maintenance, and performance optimization. By continuously analyzing high-voltage and high-current data, the method detects potential electrical faults or inefficiencies, while navigation and range tracking help drivers maximize battery life and avoid range anxiety. The duration monitoring ensures long-term reliability by tracking component usage and wear. This approach enhances vehicle safety, extends battery life, and improves overall efficiency in electric and hybrid vehicles.
22. A computer program product including one or more non-transitory machine-readable media having instructions encoded thereon that, when executed by a processor, cause the processor to authenticate onboard processors over a vehicle communication network, comprising: generating a random number from a master; sending the random number from the master to at least one vehicle device; receiving an actual hash message authentication code (HMAC) from the at least one vehicle device via the vehicle communication network, where each of the at least one vehicle device determines the actual HMAC using a HMAC algorithm on an input and a key stored in the respective vehicle device, the input being determined by each of the at least one vehicle device using a hash function on the random number; processing at the master an expected hash message authentication code (HMAC) for each of the at least one vehicle device using the HMAC algorithm on an input and a stored key associated with each of the at least one vehicle device, respectively, the input being determined for each of the at least one vehicle device using the hash function on the random number, respectively, where a different key is stored in association with each of the at least one vehicle device; comparing the actual HMAC to the expected HMAC in the master for each of the at least one vehicle device; authenticating the at least one vehicle device if the actual HMAC matches the expected HMAC, and failing authentication if the actual HMAC does not match the expected HMAC; controlling certain vehicle operations upon authentication based on input received from interfaces; and causing at least one vehicle operation to be inhibited upon failing authentication for a preset number of times while the vehicle device is connected to the vehicle communication network.
This invention relates to a system for authenticating onboard processors in a vehicle communication network to ensure secure operation. The problem addressed is the need for reliable authentication of vehicle devices to prevent unauthorized access or tampering, which could compromise vehicle safety and functionality. The solution involves a master processor generating a random number and distributing it to one or more vehicle devices. Each device computes an actual HMAC using a stored key and a hash function applied to the random number. The master processor independently computes an expected HMAC for each device using its respective stored key and the same hash function. The master then compares the actual and expected HMACs. If they match, the device is authenticated, and certain vehicle operations are controlled based on user input. If authentication fails a preset number of times, the vehicle operation is inhibited to prevent unauthorized access. The system ensures secure communication by verifying each device's identity before allowing it to control vehicle functions, enhancing overall vehicle security.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
February 18, 2021
April 12, 2022
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.